Russian authorities appear to have continued using Cellebrite phone-cracking technology to access data on a detained human rights activist’s device, even after the Israeli company officially terminated its contract with Moscow. This finding, detailed in a new report, raises questions about the effectiveness of such contract cancellations in preventing the misuse of digital forensic tools by authoritarian regimes.
The University of Toronto’s Citizen Lab analyzed a phone belonging to Andrey Pivovarov, a prominent Russian activist, and examined court documents providing evidence of Cellebrite’s UFED product usage. Pivovarov was arrested in March 2021, convicted in 2022, and later released as part of a prisoner exchange in 2024. Citizen Lab’s investigation suggests his phone was accessed by Russian authorities around June 2021, while he was in state custody.
Concerns Over Continued Use of Cellebrite Technology
The report suggests that information extracted from Pivovarov’s phone may have been used to target other dissidents. Investigators observed a potential link between data obtained from his device and the subsequent targeting of fellow activist Anastasiya Burakova in a hacking campaign attributed to Russia’s Federal Security Service (FSB).
Citizen Lab indicated that older versions of Cellebrite’s forensic systems, like the UFED product, can continue to function effectively even after software updates cease. The report highlighted that these systems historically included an offline mode. This design, according to Citizen Lab, may have made it challenging for Cellebrite to effectively prevent its existing tools from being used by problematic clients.
“While Cellebrite has argued that its cancellations in Russia … went beyond what was legally required, this investigation contributes evidence that the contract cancellation did not immediately block Russia from leveraging Cellebrite’s tools for political persecution,” the report stated. The findings imply that the company’s ability to enforce contract terminations in practice may have limitations, particularly with older hardware.
Cellebrite’s Response and Technical Limitations
Cellebrite has responded to the Citizen Lab report, asserting that its technology would no longer be effective in Russia. The company stated that any use of legacy hardware in the country after March 2021 is unauthorized.
“The Cellebrite hardware previously sold, prior to March 2021, would now be incompatible with modern devices and would operate without our technical support, our consent or any legal sanction from Cellebrite,” Victor Cooper, a spokesperson for Cellebrite, told CyberScoop. He further elaborated that rapid technological advancements render older digital forensic hardware and software obsolete relatively quickly. Russia, he added, remains permanently on the company’s restricted-customer list.
The Russian Embassy in Washington, D.C., did not immediately respond to a request for comment regarding the report’s findings. The implications of this report may lead to increased scrutiny of how technology companies manage and enforce contract restrictions when dealing with governments accused of human rights abuses.
The next steps will likely involve further investigation into the specifics of how the legacy systems were maintained and operated. Observers will be watching to see if Cellebrite implements additional measures to ensure its technology is not misused, and if governments will face greater pressure to provide transparency regarding their digital surveillance capabilities.

